Securing the Internet of Things: Introducing the Security Program for Azure IoT

This post is authored by Sam George, Partner Director Program Management, Azure IoT

As the Internet of Things (IoT) continues to gain traction in the enterprise, questions of security and privacy are top of mind for business decision makers, executives and IT alike. In our work with customers, we find many businesses are struggling to determine how secure their end-to-end IoT infrastructure is, or even delaying IoT implementations until security best practices and standards can be established and confirmed.

Our goal at Microsoft to keep our customer’s IoT solutions secure. We already do this on multiple levels, ranging from the cloud and beyond – including Azure’s enterprise-grade security, working with standards bodies on IoT security, and providing comprehensive security recommendations and guidance – to individual assets that only support secure protocols when connecting to devices and the Windows 10 IoT Core secure IoT operating system.

While these are all important aspects of IoT security, we have heard from enterprises that they want additional security assurances to make sure they have assembled their IoT solutions in a secure way from devices, to connectivity, to cloud.

Today, I’m thrilled to announce the Security Program for Azure IoT. This new program brings together a curated set of best-in-class security auditors customers can choose from to perform a security audit on their IoT solutions, find issues and provide recommendations. The Security Program for Azure IoT will work from the ground up, examining everything from a businesses’ devices and assets to gateways and even communication to the cloud.

Our initial best-in-class security auditors include Casaba Security LLC, CyberX, Praetorian, and Tech Mahindra and will expand as the program grows. Microsoft will also be working with these security auditing partners and standards organizations, such as the Industrial Internet Consortium (IIC), to establish industry protocols and best practices for security auditing. This is part of our commitment to establish a vibrant and safe IoT ecosystem.

In all our security efforts, Microsoft works with security partners to help protect businesses – and ultimately help us raise the bar across the industry. Select Azure IoT customers will be the first to take advantage of this program to evaluate their end-to-end IoT infrastructure and manage their security risk. In the coming months, we’ll continue to provide updates on the Security Program for Azure IoT, our global auditing partners, and auditing standards.